A sample program has been added to show how to use CAClient.
https://fedorahosted.org/pki/ticket/2584 Pushed to master under trivial rule. -- Endi S. Dewata
>From 3f58c06aa938f007688fd4992508fff4076e6406 Mon Sep 17 00:00:00 2001 From: "Endi S. Dewata" <edew...@redhat.com> Date: Thu, 16 Feb 2017 06:09:15 +0100 Subject: [PATCH] Added CAClientExample. A sample program has been added to show how to use CAClient. https://fedorahosted.org/pki/ticket/2584 --- .classpath | 1 + base/common/CMakeLists.txt | 1 + base/common/examples/CMakeLists.txt | 20 ++++++ base/common/examples/java/CAClientExample.java | 86 ++++++++++++++++++++++++++ 4 files changed, 108 insertions(+) create mode 100644 base/common/examples/CMakeLists.txt create mode 100644 base/common/examples/java/CAClientExample.java diff --git a/.classpath b/.classpath index 8c4d2b8d979eadc3da56ccaa21453bc62f04b104..f40bcaa2472aade6d73912894bd6665f16aa8d4e 100644 --- a/.classpath +++ b/.classpath @@ -20,6 +20,7 @@ <classpathentry excluding="**/CMakeLists.txt" kind="src" path="base/tks/src"/> <classpathentry excluding="**/CMakeLists.txt" kind="src" path="base/tps/src"/> <classpathentry kind="src" path="base/server/tomcat8/src"/> + <classpathentry kind="src" path="base/common/examples/java"/> <classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER"/> <classpathentry kind="lib" path="/usr/share/java/apache-commons-cli.jar"/> <classpathentry kind="lib" path="/usr/share/java/apache-commons-logging.jar"/> diff --git a/base/common/CMakeLists.txt b/base/common/CMakeLists.txt index f1e236de73c1b7f1db1e8f61b5cb02d4b1cd1b8f..d7856e1aab55a81c92ace5cf3f4e69d88f07da18 100644 --- a/base/common/CMakeLists.txt +++ b/base/common/CMakeLists.txt @@ -145,4 +145,5 @@ install( ) add_subdirectory(src) +add_subdirectory(examples) add_subdirectory(python) diff --git a/base/common/examples/CMakeLists.txt b/base/common/examples/CMakeLists.txt new file mode 100644 index 0000000000000000000000000000000000000000..c3802f66e401e0725d79aff3c39979e1380382b8 --- /dev/null +++ b/base/common/examples/CMakeLists.txt @@ -0,0 +1,20 @@ +project(examples) + +javac(pki-examples-classes + SOURCES + java/*.java + CLASSPATH + ${JSS_JAR} + ${PKI_NSUTIL_JAR} ${PKI_CMSUTIL_JAR} ${PKI_CERTSRV_JAR} + OUTPUT_DIR + ${CMAKE_CURRENT_BINARY_DIR}/classes + DEPENDS + pki-nsutil-jar pki-cmsutil-jar pki-certsrv-jar +) + +install( + DIRECTORY + java + DESTINATION + ${DATA_INSTALL_DIR}/examples +) diff --git a/base/common/examples/java/CAClientExample.java b/base/common/examples/java/CAClientExample.java new file mode 100644 index 0000000000000000000000000000000000000000..38d11637da752a68e295eedcec6f51d51bce40c8 --- /dev/null +++ b/base/common/examples/java/CAClientExample.java @@ -0,0 +1,86 @@ +// --- BEGIN COPYRIGHT BLOCK --- +// This program is free software; you can redistribute it and/or modify +// it under the terms of the GNU General Public License as published by +// the Free Software Foundation; version 2 of the License. +// +// This program is distributed in the hope that it will be useful, +// but WITHOUT ANY WARRANTY; without even the implied warranty of +// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +// GNU General Public License for more details. +// +// You should have received a copy of the GNU General Public License along +// with this program; if not, write to the Free Software Foundation, Inc., +// 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA. +// +// (C) 2017 Red Hat, Inc. +// All rights reserved. +// --- END COPYRIGHT BLOCK --- + +import java.io.File; +import java.net.InetAddress; + +import org.mozilla.jss.CryptoManager; +import org.mozilla.jss.crypto.CryptoToken; +import org.mozilla.jss.util.Password; + +import com.netscape.certsrv.account.AccountInfo; +import com.netscape.certsrv.ca.CAClient; +import com.netscape.certsrv.client.ClientConfig; +import com.netscape.certsrv.client.PKIClient; + +/** + * First, create an NSS database: + * $ pki -c Secret.123 client-init + * + * Then import CA admin certificate and key from PKCS #12 file: + * $ pki -c Secret.123 client-cert-import --pkcs12 <file> --pkcs12-password <password> + * + * To compile the program: + * $ javac -cp "/usr/lib/java/jss4.jar:../../lib/*" CAClientExample.java + * + * To run the program: + * $ java -cp "../../lib/*:." CAClientExample + */ +public class CAClientExample { + + public static void main(String args[]) throws Exception { + + String home = System.getProperty("user.home"); + + String nssDatabasePath = home + File.separator + ".dogtag" + File.separator + "nssdb"; + String nssDatabasePassword = "Secret.123"; + + String protocol = "https"; + String hostname = InetAddress.getLocalHost().getHostName(); + int port = 8443; + + String nickname = "caadmin"; + + CryptoManager.initialize(nssDatabasePath); + + CryptoManager manager = CryptoManager.getInstance(); + CryptoToken token = manager.getInternalKeyStorageToken(); + Password password = new Password(nssDatabasePassword.toCharArray()); + token.login(password); + + ClientConfig config = new ClientConfig(); + config.setServerURL(protocol, hostname, port); + config.setCertNickname(nickname); + + PKIClient client = new PKIClient(config); + CAClient caClient = new CAClient(client); + + AccountInfo accountInfo = caClient.login(); + + System.out.println("User ID: " + accountInfo.getID()); + System.out.println("Full name: " + accountInfo.getFullName()); + System.out.println(); + System.out.println("Roles:"); + + for (String role : accountInfo.getRoles()) { + System.out.println(" - " + role); + } + + caClient.logout(); + } +} -- 2.5.5
_______________________________________________ Pki-devel mailing list Pki-devel@redhat.com https://www.redhat.com/mailman/listinfo/pki-devel